On Tue, Oct 29, 2024 at 5:11 PM Marc <m...@f1-outsourcing.eu> wrote:
> >
> >
> > I am blocking most of amazon,google,azure clouds with ipsets. I also seem
> > to have added (automatically) ranges that were abusive from apple safe
> > browsing (or so?)
> >
> > I would like to remove these ip addresses of apple safe browsing from the
> > tcp filter, but I want httpd to redirect all these ip clients to a single
> > page. Telling users to disable safe browsing.
> >
> > How can I best do this?
> >
> I have currently these ranges on my abuse list that match ranges apple is 
> communicating as being used by them. I was also thinking about this marking 
> that you can do with ip tables and then based on the mark, maybe redirect to 
> some page?

My first suggestion would have been a set of RewriteRule / rewriteCond
to serve a static html page for all clients that match. Since
mod_rewrite doesn't support IP subnet matching, but only regexes on
e.g. "%{REMOTE_ADDR}", that's not really going to be a nice solution
for such a long list of networks.

As an alternative, you can use Require ip
and define a suitable ErrorDocument.

If you're using ip tables, you can re-route the request to a different
TCP port and configure a vhost that serves the chosen document for any
request to any path.


To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to